Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.
CPE | Name | Operator | Version |
---|---|---|---|
monsta_ftp | le | 2.10.1 |